would do. but are you sure you want to refuse mail from all but selected
networks? if this box is your MX, you should accept mail from all but
selected networks. otherwise, how would people reply to your users.

Note that mail to <postmaster> is whitelisted and will still be accepted
(as is mail to the address used in address verification probes).

>
> Would that interfere with anything else? I don't think I need all the
> other stuff if I had the above, because the access file would pretty
> much define who can connect, and everyone else would be rejected, right?

see above. many people will blocklist you if you block them without
reason. so you'll end up building a "private team space"...